11.2 Linking compliance and risk management Flashcards
What is the link between risk management and compliance management?
There are laws associated with risk management. Whenever there are laws, there is compliance risk: the risk associated with not complying with those laws.
Give three examples of types of regulations relevant to risk management
- Company law and governance (e.g. CA 2006)
- Health and safety law (e.g. Health and Safety at Work Act 1974)
- Environmental law (e.g. Environmental Protection Act 1990)
- Prudential regulation (e.g. the PRA)
What is the goal of compliance management?
To ensure that all applicable laws are identified and that the implications of these are assessed and understood.
What are the main activities of compliance management?
Putting mechanisms into place to assess whether an organisation is compliant, and designing and implementing controls to maintain compliance.
List three potential compliance risk events.
1 An organisation does not realise that a new law or regulation exists or applies to it.
2 There is a lack of certainty on how to comply with a law or regulation.
3 An organisation makes a conscious decision not to comply with a law.
4 Staff members within the organisation cause a breach of regulation.
5 Complexities and conflicting priorities make it hard to comply with all regulations.